Castle

Account sharing is a form of account abuse that needs to be detected with more sophistication than just a one-time check during signup or login. Plus, there's no strict rule on how many accounts are okay to share—it's all up to your service's policies. blog.castle.io/how-to-prevent…

We're increasingly seeing how our customers are not just triggering one, but several different CAPTCHAs based on risk and user context. blog.castle.io/which-captcha-…

Product update: set up Slack alerts to get notified when suspicious behavior is detected, such as account sharing or multi-accounting. docs.castle.io/changelog/slac…

Often our customers find it hard to distinguish between *fraud* and *abuse*. While there are well-defined strategies for preventing fraud, handling abuse often feels like a never-ending game of whack-a-mole, with no one clearly responsible. blog.castle.io/the-different-…

Preventing online abuse, such as bots and account sharing, is typically integrated into your existing fraud prevention strategy over time. However, long before then, departments like Eng and Ops take on the responsibility for keeping your service safe. blog.castle.io/from-spam-to-s…

When measures like email or SMS verification are evaluated from a security perspective, they're often shot down as insecure options. However, when it comes to shutting down fraud and abuse *at scale*, things are a bit more nuanced. blog.castle.io/a-guide-to-acc…

Product update: we just launched the quick explorer in the Castle Dashboard. It allows you to quickly see data associated with any entity, such as all the accounts connected to a specific device or IP. docs.castle.io/changelog/quic…

Device fingerprinting *alone* is a way of stopping fraud, but in reality won't determine fraud alone. In practice, you'll have to build features using the fingerprints, preferably aggregating in *real-time* so that they can actually be used for blocking. blog.castle.io/7-fraud-preven…

As "proxy piercing" has become less effective in 2023 for revealing the true IP address behind a proxy, here are 11 tricks that'll help you predict someone's approximate location while maintaining a good balance of privacy blog.castle.io/11-ways-to-pin…

Product update: zoom-out button for the selected time range. Quickly zoom back out again after honing in on suspicious traffic spikes. docs.castle.io/changelog/zoom…

Device fingerprinting, particularly in the context of fraud prevention, has been getting more attention lately. As a developer, it can be hard to navigate options when vendors put their tech behind paywalls. Here are 9 solutions you can try for free. blog.castle.io/p/e2427c6c-fd4…

Product update: our APIs now support transaction base amount and granular merchant information, including MCC codes. This comes in handy when monitoring card transactions. docs.castle.io/changelog/impr…

New feature: Quickly find accounts using the same billing or shipping address. Castle provides a normalized address fingerprint out-of-the-box, but we've added the possibility to use your own. docs.castle.io/changelog/cust…

New feature: We're released a powerful new way of comparing multiple users' activity over time. Find and block those multi-accounters in an instant! docs.castle.io/changelog/comp…

Super excited to announce instant link analysis that helps you swiftly detect and prevent sophisticated fraud rings with just a few clicks. Unlike legacy solutions, our feature lets you perform link analysis on live data, providing visibility in real-time blog.castle.io/swiftly-identi…

New feature: add custom columns, based on any event field. E.g. min/max/average for numbers and unique value count for strings and enums, as well as the most recent value and top 20 docs.castle.io/changelog/cust…

We're excited to introduce the Event Explorer, giving security & fraud teams a new way to discover and investigate malicious activity. The new view allows you to browse & query Castle events, making it much faster to investigate & find patterns of fraud. blog.castle.io/announcing-the…

With our multi-accounting detection feature, you are better able to protect against atos involving a single device. Also, you can now catch users who are abusing marketing incentives, such as coupons, new-account rewards, or new customer referral bonuses. blog.castle.io/introducing-th…

We’re excited to introduce Risk Signals! While signals have always been a part of our risk assessment engine, these signals are now available for your direct use with this release. This allows you to enrich your data sets with a wealth of new information. blog.castle.io/castles-api-en…

We are excited to announce that we added the @reactnative SDK to our SDK stack! Our React Native SDK will allow developers to integrate Android and iOS applications with Castle using a single line of code. blog.castle.io/introducing-th…